------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-20            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-02-04
  Severity: 4
      Type: Remote
------------------------------------------------------------------------

Summary
=======

A serious vulnerability was found in TLS/SSLv3 protocol as  implemented 
in nss, which can  be  used  by  man-in-the-middle  attackers  to  send 
arbitrary requests to the server as if legitimate  user.  [UPDATE]  The 
issue is fixed in Pardus 2008 


Description
===========

The TLS/SSLv3 protocol as implemented in nss prior to this  update  was 
not able to associate already sent data to a  renegotiated  connection. 
This allowed man-in-the-middle attackers to inject HTTP requests  in  a 
HTTPS session without being noticed. For example Apache's  mod_ssl  was 
vulnerable to this kind of attack because it uses openssl. 



NOTE: This is the same as PLSA-2009-191.With this  update,renegotiation 
is completely disabled. 


Affected packages:

  Pardus 2009:
    nss, all before 3.12.5.0-29-8


Resolution
==========

There are update(s) for nss. You can update them via Package Manager or 
with a single command from console: 

    pisi up nss

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=12147
  * http://bugs.pardus.org.tr/show_bug.cgi?id=11515
  * https://developer.mozilla.org/NSS_3.12.5_release_notes
  * https://bugzilla.mozilla.org/show_bug.cgi?id=526689